CVE-2024-49353

EUVD-2024-43722
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 through 5.0.2 does not properly check inputs to resources that are used concurrently, which might lead to unexpected states, possibly resulting in a crash.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
ibmwatson_assistant_for_ibm_cloud_pak_for_data
4.0.0 ≤
𝑥
< 5.0.3
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
ibmwatson_speech_services_cartridge_on_cloud_pak_for_data
4.0.0 ≤
𝑥
≤ 5.0.2
ADP
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7177065